sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-08 00:02:03 -04:00
Code Issues Projects Releases Wiki Activity

Add IKE version information to ike_cfg_t

Browse Source
This commit is contained in:
Martin Willi 2012-10-16 14:24:35 +02:00
parent cf62d073f1
commit 9fc7cc6f9b
14 changed files with 55 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/charon-nm/nm/nm_service.c
View File

@ -498,7 +498,7 @@ static gboolean connect_(NMVPNPlugin *plugin, NMConnection *connection,
/** /**
* Set up configurations * Set up configurations
*/ */
ike_cfg = ike_cfg_create(TRUE, encap, "0.0.0.0", FALSE, ike_cfg = ike_cfg_create(IKEV2, TRUE, encap, "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE), charon->socket->get_port(charon->socket, FALSE),
(char*)address, FALSE, IKEV2_UDP_PORT); (char*)address, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));

2
src/conftest/config.c
View File

@ -101,7 +101,7 @@ static ike_cfg_t *load_ike_config(private_config_t *this,
proposal_t *proposal; proposal_t *proposal;
char *token; char *token;
ike_cfg = ike_cfg_create(TRUE, ike_cfg = ike_cfg_create(IKEV2, TRUE,
settings->get_bool(settings, "configs.%s.fake_nat", FALSE, config), settings->get_bool(settings, "configs.%s.fake_nat", FALSE, config),
settings->get_str(settings, "configs.%s.lhost", "%any", config), FALSE, settings->get_str(settings, "configs.%s.lhost", "%any", config), FALSE,
settings->get_int(settings, "configs.%s.lport", 500, config), settings->get_int(settings, "configs.%s.lport", 500, config),

2
src/frontends/android/jni/libandroidbridge/backend/android_service.c
View File

@ -469,7 +469,7 @@ static job_requeue_t initiate(private_android_service_t *this)
} }
}; };
ike_cfg = ike_cfg_create(TRUE, TRUE, "0.0.0.0", FALSE, ike_cfg = ike_cfg_create(IKEV2, TRUE, TRUE, "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE), charon->socket->get_port(charon->socket, FALSE),
this->gateway, FALSE, IKEV2_UDP_PORT); this->gateway, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));

16
src/libcharon/config/ike_cfg.c
View File

@ -44,6 +44,11 @@ struct private_ike_cfg_t {
*/ */
refcount_t refcount; refcount_t refcount;
/**
* IKE version to use
*/
ike_version_t version;
/** /**
* Address of local host * Address of local host
*/ */
@ -90,6 +95,12 @@ struct private_ike_cfg_t {
linked_list_t *proposals; linked_list_t *proposals;
}; };
METHOD(ike_cfg_t, get_version, ike_version_t,
private_ike_cfg_t *this)
{
return this->version;
}
METHOD(ike_cfg_t, send_certreq, bool, METHOD(ike_cfg_t, send_certreq, bool,
private_ike_cfg_t *this) private_ike_cfg_t *this)
{ {
@ -254,6 +265,7 @@ METHOD(ike_cfg_t, equals, bool,
e2->destroy(e2); e2->destroy(e2);
return (eq && return (eq &&
this->version == other->version &&
this->certreq == other->certreq && this->certreq == other->certreq &&
this->force_encap == other->force_encap && this->force_encap == other->force_encap &&
streq(this->me, other->me) && streq(this->me, other->me) &&
@ -285,7 +297,7 @@ METHOD(ike_cfg_t, destroy, void,
/** /**
* Described in header. * Described in header.
*/ */
ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap, ike_cfg_t *ike_cfg_create(ike_version_t version, bool certreq, bool force_encap,
char *me, bool my_allow_any, u_int16_t my_port, char *me, bool my_allow_any, u_int16_t my_port,
char *other, bool other_allow_any, u_int16_t other_port) char *other, bool other_allow_any, u_int16_t other_port)
{ {
@ -293,6 +305,7 @@ ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap,
INIT(this, INIT(this,
.public = { .public = {
.get_version = _get_version,
.send_certreq = _send_certreq, .send_certreq = _send_certreq,
.force_encap = _force_encap_, .force_encap = _force_encap_,
.get_my_addr = _get_my_addr, .get_my_addr = _get_my_addr,
@ -308,6 +321,7 @@ ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap,
.destroy = _destroy, .destroy = _destroy,
}, },
.refcount = 1, .refcount = 1,
.version = version,
.certreq = certreq, .certreq = certreq,
.force_encap = force_encap, .force_encap = force_encap,
.me = strdup(me), .me = strdup(me),

10
src/libcharon/config/ike_cfg.h
View File

@ -56,6 +56,13 @@ extern enum_name_t *ike_version_names;
*/ */
struct ike_cfg_t { struct ike_cfg_t {
/**
* Get the IKE version to use with this configuration.
*
* @return IKE major version
*/
ike_version_t (*get_version)(ike_cfg_t *this);
/** /**
* Get own address. * Get own address.
* *
@ -167,6 +174,7 @@ struct ike_cfg_t {
* *
* Supplied hosts become owned by ike_cfg, the name gets cloned. * Supplied hosts become owned by ike_cfg, the name gets cloned.
* *
* @param version IKE major version to use for this config
* @param certreq TRUE to send a certificate request * @param certreq TRUE to send a certificate request
* @param force_encap enforce UDP encapsulation by faking NATD notify * @param force_encap enforce UDP encapsulation by faking NATD notify
* @param me address/DNS name of local peer * @param me address/DNS name of local peer
@ -177,7 +185,7 @@ struct ike_cfg_t {
* @param other_port IKE port to use as dest, 500 uses IKEv2 port floating * @param other_port IKE port to use as dest, 500 uses IKEv2 port floating
* @return ike_cfg_t object. * @return ike_cfg_t object.
*/ */
ike_cfg_t *ike_cfg_create(bool certreq, bool force_encap, ike_cfg_t *ike_cfg_create(ike_version_t version, bool certreq, bool force_encap,
char *me, bool my_allow_any, u_int16_t my_port, char *me, bool my_allow_any, u_int16_t my_port,
char *other, bool other_allow_any, u_int16_t other_port); char *other, bool other_allow_any, u_int16_t other_port);

2
src/libcharon/plugins/android/android_service.c
View File

@ -264,7 +264,7 @@ static job_requeue_t initiate(private_android_service_t *this)
this->creds->set_username_password(this->creds, user, password); this->creds->set_username_password(this->creds, user, password);
} }
ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, ike_cfg = ike_cfg_create(IKEV2, TRUE, FALSE, "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE), charon->socket->get_port(charon->socket, FALSE),
hostname, FALSE, IKEV2_UDP_PORT); hostname, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));

2
src/libcharon/plugins/ha/ha_tunnel.c
View File

@ -203,7 +203,7 @@ static void setup_tunnel(private_ha_tunnel_t *this,
lib->credmgr->add_set(lib->credmgr, &this->creds.public); lib->credmgr->add_set(lib->credmgr, &this->creds.public);
/* create config and backend */ /* create config and backend */
ike_cfg = ike_cfg_create(FALSE, FALSE, local, FALSE, ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE, local, FALSE,
charon->socket->get_port(charon->socket, FALSE), charon->socket->get_port(charon->socket, FALSE),
remote, FALSE, IKEV2_UDP_PORT); remote, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));

7
src/libcharon/plugins/load_tester/load_tester_config.c
View File

@ -261,14 +261,15 @@ static peer_cfg_t* generate_config(private_load_tester_config_t *this, uint num)
if (this->port && num) if (this->port && num)
{ {
ike_cfg = ike_cfg_create(FALSE, FALSE, ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE,
this->local, FALSE, this->port + num - 1, this->local, FALSE, this->port + num - 1,
this->remote, FALSE, IKEV2_NATT_PORT); this->remote, FALSE, IKEV2_NATT_PORT);
} }
else else
{ {
ike_cfg = ike_cfg_create(FALSE, FALSE, ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE,
this->local, FALSE, charon->socket->get_port(charon->socket, FALSE), this->local, FALSE,
charon->socket->get_port(charon->socket, FALSE),
this->remote, FALSE, IKEV2_UDP_PORT); this->remote, FALSE, IKEV2_UDP_PORT);
} }
ike_cfg->add_proposal(ike_cfg, this->proposal->clone(this->proposal)); ike_cfg->add_proposal(ike_cfg, this->proposal->clone(this->proposal));

2
src/libcharon/plugins/maemo/maemo_service.c
View File

@ -323,7 +323,7 @@ static gboolean initiate_connection(private_maemo_service_t *this,
NULL); NULL);
} }
ike_cfg = ike_cfg_create(TRUE, FALSE, "0.0.0.0", FALSE, ike_cfg = ike_cfg_create(IKEV2, TRUE, FALSE, "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE), charon->socket->get_port(charon->socket, FALSE),
hostname, FALSE, IKEV2_UDP_PORT); hostname, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));

10
src/libcharon/plugins/medcli/medcli_config.c
View File

@ -118,8 +118,9 @@ METHOD(backend_t, get_peer_cfg_by_name, peer_cfg_t*,
DESTROY_IF(e); DESTROY_IF(e);
return NULL; return NULL;
} }
ike_cfg = ike_cfg_create(FALSE, FALSE, ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE,
"0.0.0.0", FALSE, charon->socket->get_port(charon->socket, FALSE), "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
address, FALSE, IKEV2_UDP_PORT); address, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE)); ike_cfg->add_proposal(ike_cfg, proposal_create_default(PROTO_IKE));
med_cfg = peer_cfg_create( med_cfg = peer_cfg_create(
@ -392,8 +393,9 @@ medcli_config_t *medcli_config_create(database_t *db)
.db = db, .db = db,
.rekey = lib->settings->get_time(lib->settings, "medcli.rekey", 1200), .rekey = lib->settings->get_time(lib->settings, "medcli.rekey", 1200),
.dpd = lib->settings->get_time(lib->settings, "medcli.dpd", 300), .dpd = lib->settings->get_time(lib->settings, "medcli.dpd", 300),
.ike = ike_cfg_create(FALSE, FALSE, .ike = ike_cfg_create(IKEV2, FALSE, FALSE,
"0.0.0.0", FALSE, charon->socket->get_port(charon->socket, FALSE), "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
"0.0.0.0", FALSE, IKEV2_UDP_PORT), "0.0.0.0", FALSE, IKEV2_UDP_PORT),
); );
this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE)); this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));

5
src/libcharon/plugins/medsrv/medsrv_config.c
View File

@ -139,8 +139,9 @@ medsrv_config_t *medsrv_config_create(database_t *db)
.db = db, .db = db,
.rekey = lib->settings->get_time(lib->settings, "medsrv.rekey", 1200), .rekey = lib->settings->get_time(lib->settings, "medsrv.rekey", 1200),
.dpd = lib->settings->get_time(lib->settings, "medsrv.dpd", 300), .dpd = lib->settings->get_time(lib->settings, "medsrv.dpd", 300),
.ike = ike_cfg_create(FALSE, FALSE, .ike = ike_cfg_create(IKEV2, FALSE, FALSE,
"0.0.0.0", FALSE, charon->socket->get_port(charon->socket, FALSE), "0.0.0.0", FALSE,
charon->socket->get_port(charon->socket, FALSE),
"0.0.0.0", FALSE, IKEV2_UDP_PORT), "0.0.0.0", FALSE, IKEV2_UDP_PORT),
); );
this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE)); this->ike->add_proposal(this->ike, proposal_create_default(PROTO_IKE));

5
src/libcharon/plugins/sql/sql_config.c
View File

@ -258,8 +258,9 @@ static ike_cfg_t *build_ike_cfg(private_sql_config_t *this, enumerator_t *e,
{ {
ike_cfg_t *ike_cfg; ike_cfg_t *ike_cfg;
ike_cfg = ike_cfg_create(certreq, force_encap, ike_cfg = ike_cfg_create(IKEV2, certreq, force_encap,
local, FALSE, charon->socket->get_port(charon->socket, FALSE), local, FALSE,
charon->socket->get_port(charon->socket, FALSE),
remote, FALSE, IKEV2_UDP_PORT); remote, FALSE, IKEV2_UDP_PORT);
add_ike_proposals(this, ike_cfg, id); add_ike_proposals(this, ike_cfg, id);
return ike_cfg; return ike_cfg;

3
src/libcharon/plugins/stroke/stroke_config.c
View File

@ -225,7 +225,8 @@ static ike_cfg_t *build_ike_cfg(private_stroke_config_t *this, stroke_msg_t *msg
ikeport = msg->add_conn.me.ikeport; ikeport = msg->add_conn.me.ikeport;
ikeport = (ikeport == IKEV2_UDP_PORT) ? ikeport = (ikeport == IKEV2_UDP_PORT) ?
charon->socket->get_port(charon->socket, FALSE) : ikeport; charon->socket->get_port(charon->socket, FALSE) : ikeport;
ike_cfg = ike_cfg_create(msg->add_conn.other.sendcert != CERT_NEVER_SEND, ike_cfg = ike_cfg_create(msg->add_conn.version,
msg->add_conn.other.sendcert != CERT_NEVER_SEND,
msg->add_conn.force_encap, msg->add_conn.force_encap,
msg->add_conn.me.address, msg->add_conn.me.address,
msg->add_conn.me.allow_any, msg->add_conn.me.allow_any,

12
src/libcharon/plugins/uci/uci_config.c
View File

@ -168,8 +168,9 @@ METHOD(enumerator_t, peer_enumerator_enumerate, bool,
&ike_proposal, &esp_proposal, &ike_rekey, &esp_rekey)) &ike_proposal, &esp_proposal, &ike_rekey, &esp_rekey))
{ {
DESTROY_IF(this->peer_cfg); DESTROY_IF(this->peer_cfg);
ike_cfg = ike_cfg_create(FALSE, FALSE, ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE,
local_addr, FALSE, charon->socket->get_port(charon->socket, FALSE), local_addr, FALSE,
charon->socket->get_port(charon->socket, FALSE),
remote_addr, FALSE, IKEV2_UDP_PORT); remote_addr, FALSE, IKEV2_UDP_PORT);
ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE)); ike_cfg->add_proposal(ike_cfg, create_proposal(ike_proposal, PROTO_IKE));
this->peer_cfg = peer_cfg_create( this->peer_cfg = peer_cfg_create(
@ -265,9 +266,10 @@ METHOD(enumerator_t, ike_enumerator_enumerate, bool,
&local_addr, &remote_addr, &ike_proposal)) &local_addr, &remote_addr, &ike_proposal))
{ {
DESTROY_IF(this->ike_cfg); DESTROY_IF(this->ike_cfg);
this->ike_cfg = ike_cfg_create(FALSE, FALSE, this->ike_cfg = ike_cfg_create(IKEV2, FALSE, FALSE,
local_addr, FALSE, charon->socket->get_port(charon->socket, FALSE), local_addr, FALSE,
remote_addr, FALSE, IKEV2_UDP_PORT); charon->socket->get_port(charon->socket, FALSE),
remote_addr, FALSE, IKEV2_UDP_PORT);
this->ike_cfg->add_proposal(this->ike_cfg, this->ike_cfg->add_proposal(this->ike_cfg,
create_proposal(ike_proposal, PROTO_IKE)); create_proposal(ike_proposal, PROTO_IKE));